On March 28, 2003, Boeing applied for an FAA type certificate for its new Boeing Model 787-8 passenger airplane. The Boeing Model 787-8 airplane will be an all-new, two-engine jet transport airplane with a two-aisle cabin. The maximum takeoff weight will be 476,000 pounds, with a maximum passenger count of 381 passengers.

The report goes on to detail the fact that the 787 exhibits ... unusual and unique features...

Novel or Unusual Design Features

The digital systems architecture for the 787 consists of several networks connected by electronics and embedded software. This proposed network architecture is used for a diverse set of functions, including the following:

The proposed architecture of the 787 is different from that of existing production (and retrofitted) airplanes. It allows new kinds of passenger connectivity to previously isolated data networks connected to systems that perform functions required for the safe operation ofthe airplane.

Because of this new passenger connectivity, the proposed data network design and integration may result in security vulnerabilities from intentional or unintentional corruption of data and systems critical to the safety and maintenance of the airplane. The existing regulations and guidance material did not anticipate this type of system architecture or electronic access to aircraft systems that provide flight critical functions.

Furthermore, 14 CFR regulations and current system safety assessment policy and techniques do not address potential security vulnerabilities that could be caused by unauthorized access to aircraft data buses and servers.

Therefore, special conditions are imposed to ensure that security, integrity, and availability of the aircraft systems and data networks are not compromised by certain wired or wireless electronic connections between airplane data buses and networks.

(Boeing spokeswoman Lori Gunter is reported saying that the wording of the FAA document is misleading, and that the plane's networks don't completely connect.)

After considerable and detailed discussion involving Airbus (in relation to the 380 design) involving the wording of the guidelines ...

Airbus stated that in the sentence ;``The design shall prevent all inadvertent or malicious changes to, and all adverse impacts * * *'', the wording ``shall prevent ALL'' can be interpreted as a zero allowance. According to the commenter, demonstration of compliance with such a requirement during the entire life cycle of the aircraft is quite impossible because security threats evolve very rapidly. The only possible solution to such a requirement would be to physically segregate the Passenger Information and Entertainment Domain from the other domains. This would mean, for example, no shared resources like SATCOM (satellite communications), and no network connections.

Finally the FAA agreed this wording

The applicant shall ensure that security threats from all points within the Passenger Information and Entertainment Domain, are identified and risk mitigation strategies are implemented to protect the Aircraft Control Domain and Airline Information Services Domainfrom adverse impacts reducing the aircraft safety.

In relation to the document as prepared they finalise the various arguments..

Applicability

As discussed above, these special conditions are applicable to the 787. Should Boeing apply at a later date for a change to the type certificate to include another model on the same type certificate incorporating the same novel or unusual design features, these special conditions would apply to that model as well.

Conclusion

This action affects only certain novel or unusual design features of the 787. It is not a rule of general applicability.

and that ..

The Special Conditions

Accordingly, pursuant to the authority delegated to me by the Administrator, the following special conditions are issued as part of the type certification basis for the Boeing Model 787-8 airplane.

The design shall prevent all inadvertent or malicious changes to, and all adverse impacts upon, all systems, networks, hardware, software, and data in the Aircraft Control Domain and in the Airline Information Domain from all points within the Passenger Information and Entertainment Domain.

Naturally this has raised a great deal of interest and concern and resulted in many articles in computer echnical press which highlight this technical requirement in a rather high profile and alarming manner ...

Boeings's Gunter said they have been working on the issue with the FAA for a number of years already and was aware that the agency was planning to publish a "special conditions" document regarding the Dreamliner.

Gunter said the FAA and Boeing have already agreed on the tests that the plane manufacturer will have to do to demonstrate that it has addressed the FAA's security concerns.

"It will all be done before the first airplane is delivered," she said.

The FAA have issued FAA has issued eight special conditions on the Boeing 787,. The FAA publishes them whenever it encounters unusual issues regarding a plane's design or performance in order to communicate on record that it expects the manufacturer to address the issue. It is then the manufacturer responsibility to demonstrate to the FAA that it has solved the problem.

Whilst it is late in the day for such concerns to be raised - it must be remembered that since first applying for Type certification with the FAA in March 28, 2003, Customer In Flight Entertainment (IFE) has made massive strides to accomadate need / want to use mobile phones (miraculously used on 9/11- God was watching that day) , internet connectivity, video on demand, PC usage between users in flight, multiple gaming etc.,

The Airbus family, has a modular architecture, with 5 physically separate computer boxes in the flight control system (7 with 2 flight augmentation computers, or FAC's) and the flight management and guidance system (FMGS) computer boxes are physically separate from all of these.

The Airbus was of course the first wide bodied jet family to use "fly by wire" (FBW) on the A320, which entered service in 1988 - reducing weight and providing safer flying - and clutter free cockpit without the familiar " yoke ", just a little side positioned joystick ( see layout /pic here) . The same system is also used on the Airbus A330 and A340 and now 380 widebody jets. The only Boeing plane with fly-by-wire technology is the 777 which, as a result has a computer architecture different to the 747 series - about which there have been no concerns. In the 777 the main Common Computer Resource (CCR) box has an internal architecture which is supposed to provide cast-iron separation between partitions so that a partition providing a flight-critical service cannot be interfered with by a less critical process.

Boeing and Airbus differ in their FBW philosophies. In Airbus aircraft, the computer always retains ultimate control and will not permit the pilot to fly outside the normal flight envelope. In a Boeing 777, the pilot can override the system, allowing the plane to be flown outside this envelope in emergencies.It was precisely trying to meet the demands for IFE services which led to such major delays in launching the Airbus 380, although it was more to do with physically cabling the systems than the systems software architecture .. evidently Airbus have a substantial lead in this area... which they will not sacrifice soon or easily.

Mrs Shanahan is going to see even less of her husband.

Pic is of 1st delivered Airbus 380 at Singapore Airport before first flight by SA staff.